Name
Title | ||
|---|---|---|
Unnecessarily Identifiable: Quantifying the fingerprintability of browser extensions due to bloat |
Abstract | ||
|---|---|---|
In this paper, we investigate to what extent the page modifications that make browser extensions fingerprintable are necessary for their operation. We characterize page modifications that are completely unnecessary for the extension's functionality as extension bloat. By analyzing 58,034 extensions from the Google Chrome store, we discovered that 5.7% of them were unnecessarily identifiable because of extension bloat. To protect users against unnecessary extension fingerprinting due to bloat, we describe the design and implementation of an in-browser mechanism that provides coarse-grained access control for extensions on all websites. The proposed mechanism and its built-in policies, does not only protect users from fingerprinting, but also offers additional protection against malicious extensions exfiltrating user data from sensitive websites.
|
Year | DOI | Venue |
|---|---|---|
2019 | 10.1145/3308558.3313458 | WWW '19: The Web Conference
San Francisco
CA
USA
May, 2019 |
Field | DocType | ISBN |
World Wide Web,Computer science,User engagement,Readability,Access control,Backtracking | Conference | 978-1-4503-6674-8 |
Citations | PageRank | References |
1 | 0.36 | 12 |
Authors | ||
4 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Oleksii Starov | 1 | 102 | 9.31 |
| Pierre Laperdrix | 2 | 64 | 7.97 |
| Alexandros Kapravelos | 3 | 324 | 20.58 |
| Nick Nikiforakis | 4 | 865 | 53.35 |